A remote user can exploit a race condition when Javascript code navigates the browser to a different domain to cause scripting code on the new page to run in the security context of the original domain.

This can be exploited to set or read cookies, read or modify form submissions, execute scripting code, and read or write DOM objects that have not be fully initialized.